Securing Identities: Leveraging Zero Trust to Enhance IAM Systems
The frequency of data breaches and leaks in 2023 has surpassed cyber incidents from the past five years, highlighting the necessity for strong cybersecurity frameworks. In his discussion, Bart Falzarano, Head of Information Security at Bitwarden, will highlight the critical role of Zero Trust architecture in enhancing Identity Access Management (IAM) systems. This approach, based on the "never trust, always verify" principle, involves explicit verification and least privileged access to minimize cybersecurity risks and unify fragmented identities within a secure and manageable IT environment.
Falzarano's session will examine the integration of Zero Trust principles with IAM, focusing on establishing unified access policies and contextual controls to create a resilient and adaptive security framework. The discussion will provide insights into practical steps and strategies to implement robust cybersecurity measures efficiently. Falzarano will also explicitly address some of the following talking points:
- Cybersecurity Challenges: Rising BEC attacks and prevalent social engineering tactics, as shown in Verizon’s 2023 DBIR report, exacerbated by generative AI
- The Human Factor: 74% of breaches involve human error (e.g., social engineering), highlighting threat vectors like stolen credentials and privilege misuse
- Zero Trust Focus: Zero Trust prioritizing identify-first security for robust defenses
- Access Control: Rigorous security audits, enhancing MFA, and moving toward passwordless authentication
- Security Tools: Adoption of EDR/XDR, ITDR, and SASE solutions reinforces organizational cybersecurity posture
- Access Management Practices: Implementing least privilege access and just-in-time (JIT) provisioning aligns with zero trust principles, minimizing access risks
Sponsored by:
Speakers
Parham Eftekhari is a business executive specializing in cyber and national security. He currently serves as Executive Vice President, CISO Communities at CyberRisk Alliance, leading its CISO services platform which consists of the Cybersecurity Collaborative and Cybersecurity Collaboration Forum. Parham also serves as the chairman of the Institute for Critical Infrastructure Technology (ICIT), the nation’s leading cybersecurity think tank, which he founded in 2014. Other leadership roles during his more than 15 years in this sector include co-founder and Vice President of research at the Government Technology Research Alliance, founder of the world’s first webcam cover manufacturer CamPatch, and Advisory Board member at the Ready Rock Institute. Parham has developed and authored multiple research publications, regularly engages with the media, and has addressed forums ranging from Congress, TED, RSA, and C-SPAN. In 2017, Parham was recognized by (ISC)2 for his contributions to the field of cybersecurity with the Most Valuable Industry Partner – Government Information Security Leadership Award.
Bart Falzarano is Head of Information Security at Bitwarden. He is a seasoned security leader with a proven background in establishing security programs and implementing compliance frameworks, including PCI-DSS, EU Data Privacy/GDPR, and SSAE16/SSAE18 SOC1 and SOC2 Type 2. Prior to taking on his role at Bitwarden, Bart was SVP Sr. Information Security Officer at Bank of America. Before that, he spearheaded healthcare payment technology development as VP Security & Compliance at AxiaMed and implemented security and governance protocols for RightScale from Flexera as the company’s Director of Security and Compliance.